Get-MsolUser

Gets users from Azure Active Directory.

Syntax

Get-MsolUser
   [-ReturnDeletedUsers]
   [-City <String>]
   [-Country <String>]
   [-Department <String>]
   [-DomainName <String>]
   [-EnabledFilter <UserEnabledFilter>]
   [-State <String>]
   [-Synchronized]
   [-Title <String>]
   [-HasErrorsOnly]
   [-LicenseReconciliationNeededOnly]
   [-UnlicensedUsersOnly]
   [-UsageLocation <String>]
   [-SearchString <String>]
   [-MaxResults <Int32>]
   [-TenantId <Guid>]
   [<CommonParameters>]
Get-MsolUser
   -ObjectId <Guid>
   [-ReturnDeletedUsers]
   [-TenantId <Guid>]
   [<CommonParameters>]
Get-MsolUser
   [-ReturnDeletedUsers]
   -UserPrincipalName <String>
   [-TenantId <Guid>]
   [<CommonParameters>]
Get-MsolUser
   [-ReturnDeletedUsers]
   [-City <String>]
   [-Country <String>]
   [-Department <String>]
   [-DomainName <String>]
   [-EnabledFilter <UserEnabledFilter>]
   [-State <String>]
   [-Synchronized]
   [-Title <String>]
   [-HasErrorsOnly]
   [-LicenseReconciliationNeededOnly]
   [-UnlicensedUsersOnly]
   [-UsageLocation <String>]
   [-SearchString <String>]
   [-All]
   [-TenantId <Guid>]
   [<CommonParameters>]

Description

The Get-MsolUser cmdlet gets an individual user or list of users. Specify the ObjectId or UserPrincipalName parameter to get a specific user.

Examples

Example 1: Get all users

PS C:\> Get-MsolUser

This command retrieves all users in the company. It displays up to the default value of 500 results.

Example 2: Get enabled users

PS C:\> Get-MsolUser -EnabledFilter EnabledOnly -MaxResults 2000

This command gets up to 2000 enabled users.

Example 3: Get a user by UPN

PS C:\> Get-MsolUser -UserPrincipalName "[email protected]"

This command retrieves the user with the UPN [email protected].

Example 4: Get a user by object ID

PS C:\> Get-MsolUser -ObjectId aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb

This command retrieves a user that has the specified object ID.

Example 5: Get users by search String

PS C:\> Get-MsolUser -SearchString "David"

This command retrieves a list of users with David in the display name or email address.

Example 6: Get preferred data location of a user

PS C:\> Get-MsolUser -UserPrincipalName "[email protected]" | Select PreferredDataLocation

This command returns the preferred data location of a user.

Parameters

-All

Indicates that this cmdlet returns all results. Do not specify together with the MaxResults parameter.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-City

Specifies the city to filter results on.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Country

Specifies the country or region to filter results on.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Department

Specifies the department to filter results on.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DomainName

Specifies the domain to filter results on. This must be a verified domain for the company. All users with an email address, primary or secondary, on this domain is returned.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnabledFilter

Specifies the filter for enabled or disabled users. Valid values are All, EnabledOnly, and DisabledOnly.

Type:UserEnabledFilter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-HasErrorsOnly

Inidates that this cmdlet returns only users that have validation errors.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-LicenseReconciliationNeededOnly

Indicates that this cmdlet filter for only users that require license reconciliation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-MaxResults

Specifies the maximum number of results that this cmdlet returns. The default value is 500.

Type:Int32
Position:Named
Default value:500
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ObjectId

Specifies the unique object ID of the user to get.

Type:Guid
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ReturnDeletedUsers

Indicates that this cmdlet returns only users in the recycling bin.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SearchString

Specifies a string to match email address or display name starting with this string.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-State

Specifies the filter for the state of the user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Synchronized

Indicates that this cmdlet returns only users who are synchronized through Azure Active Directory Sync.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-TenantId

Specifies the unique ID of the tenant on which to perform the operation. The default value is the tenant of the current user. This parameter applies only to partner users.

Type:Guid
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Title

Speicifies the filter for the title of the user.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-UnlicensedUsersOnly

Indicates that this cmdlet returns only users who are not assigned a license.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-UsageLocation

Specifies the filter for the country or region where the services are consumed by the user. Specify a two-letter country or region code.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-UserPrincipalName

Speicifies the user ID of the user to retrieve.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

Outputs

Microsoft.Online.Administration.User

This cmdlet returns user objects, which include the following information:

  • AlternateEmailAddresses. Alternate email address of the user (external to Azure Active Directory).

  • BlockCredential. Whether or not the user is able to sign in.

  • City. The user's city.

  • Country. The user's country or region.

  • Department. The user's department.

  • DisplayName. The user's display name.

  • Errors. An array of errors. These are validation errors that may result in loss of services.

  • Fax. The user's fax number.

  • FirstName. The user's first name.

  • ImmutableID. Only returned for federated users. This is the ID that is required to be federated with Azure Active Directory.

  • isBlackBerryUser. Returns whether or not the user has a BlackBerry device.

  • isLicensed. Whether or not the user has any licenses assigned.

  • LastDirSyncTime. The date and time of the last directory synchronization (only returned from users synced with Azure Active Directory through Active Directory synchronization).

  • LastPasswordChangeTimestamp. The most recent time at which a password change for the user was registered in Azure Active Directory.

  • LastName. The user's last name.

  • LicenseReconciliationNeeded. Whether or not the user currently has a mailbox without a license. In this case, the user should be licensed with 30 days to avoid losing their mailbox.

  • Licenses. A list of the user's licenses.

  • LiveID. The user's unique login ID.

  • MobilePhone. The user's mobile phone number.

  • ObjectId. The user's unique ID.

  • Office. The user's office number.

  • OverallProvisioningStatus. Whether or not the user has been provisioned for their services.

  • PasswordNeverExpires. Whether the user's password should be forced to change every 90 days.

  • PhoneNumber. The user's phone number.

  • PostalCode. The user's postal code.

  • PreferredDataLocation. The user's preferred data location.

  • PreferredLanguage. The user's preferred language.

  • ProxyAddresses. The proxy addresses associated with this user.

  • State. The user's state.

  • StreetAddress. The user's street address.

  • StrongPasswordRequired. Whether the user is required to set a strong password when they change their password. Strong passwords are recommended.

  • Title. The user's title.

  • UsageLocation. The country or region where the services are consumed by the user. This must be a two letter country or region code.

  • UserPrincipalName. The user ID of the user.

  • ValidationStatus. Whether or not the user has any errors.